In-person + Virtual
16-20 May

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Friday, May 20 • 11:00 - 11:35
Attacking & Defending Kubernetes TEE Enclaves in Critical Infrastructure - Robert Ficcaglia, SunStone Secure, LLC

Trusted Execution Environments (TEEs) are a feature of Intel, AMD, ARM and other chip platforms, widely available on public clouds for high-security infrastructure. Kubernetes can be deployed with TEE enclaves to create a Trusted Computing Base (TCB) which can cryptographically protect the compute and memory environment for the Kubernetes control plane, data flows, and CI/CD pipelines on-chip. This greatly reduces the attack "surface area" and reduces third-party supply chain risks. The session will examine detailed Kubernetes threat models for critical infrastructure and demonstrate how to attack and defend Kubernetes workloads in the context of TEEs. Attendees will learn how to use enclaves to protect the integrity of container images used for workloads, deploy TEE-based Pods, examine development and operational challenges with TEE usage, and explore compliance benefits including specific policy and control mappings for GDPR, CCPA, PCI, HIPAA and NIST 800-53.

Robert Ficcaglia

CTO, Self
Robert Ficcaglia is CTO of SunStone Secure, a virtual CISO and Compliance Advisory firm, and also serves as the Kubernetes Policy Workgroup Co-Chair, CNCF Security Technical Advisory Group (TAG) Lead Assessor, and member of the Kubernetes Security Special Interest Group (SIG-security...

Friday May 20, 2022 11:00 - 11:35 CEST
Auditorium 1A | Event Center Feria Valencia